
Web based threats dominate August malware

BitDefender UK : 09 September, 2008  (Technical Article)
Fake codec downloader occupies three positions in BitDefender's top ten threats for August
BitDefender's August list of top ten e-threats is dominated by web-based threats. Clicker.CM, a prevalent ad-serving Trojan, tops the list. Three variants of the Wimad trojan downloader (a fake codec downloader usually found on malicious websites) take up positions two, three and four.

Closer to home at number five is Trojan.Qhost.AKR, a piece of malware aimed directly at BitDefender users which tries to disable the antivirus' update feature, thus compromising the host system. This is followed by a generic detection for a Flash exploit (used by multiple pieces of malware) in sixth position, while Trojan.Swizzor.1, another very old and rife web-based threat, enters at seventh position.

A curious appearance at number eight is an ActiveX exploit used to trick a browser into downloading and installing malware. The exploit targets an ActiveX control called Sina DLoader, which is used by many (legitimate) Chinese websites. Whilst a cause for concern to anyone affected, this is a rare occurrence outside of China.

A trojan that spreads via P2P file sharing takes ninth place, while the last spot goes to a downloader for a fake antivirus package 'XP Antivirus'.

"XP antivirus has previous form," commented Head of Virus Research, Sorin Dudea.

'It used to appear with a valid digital signature and a lengthy EULA, from sites with security-related names. As such it was somewhat of a champion in the social engineering area, convincing victims that it was in fact a legitimate piece of security software.

'Measures taken to revoke the malware's digital signature by GlobalSign and the denial of anonymity to the people who ran sites hosting it by Directi, seem to have put a dent in the operation,' says Mr. Dudea.

1 Trojan.Clicker.CM 7.38
2 Trojan.Downloader.Wimad.A 5.35
3 Trojan.Downloader.WMA.Wimad.N 3.89
4 Trojan.Downloader.WMA.Wimad.S 2.87
5 Trojan.Qhost.AKR 2.58
6 Exploit.SWF.Gen 2.56
7 Trojan.Swizzor.1 2.51
8 Exploit.SinaDLoader.A 2.38
9 Trojan.Autorun.TE 2.06
10 Trojan.FakeAlert.Gen.1 1.88